Assistant Vice President, Cyber Security

Apply now »

Date: 25 May 2023

Location: Kuala Lumpur, MY, Malaysia

Company: Khazanah Nasional Berhad

Job Purpose

Plan and manage initiatives and global operations of Safety & Security section which consists of 3 sub-sections: a) Environmental Health Safety & Security, b) Cyber Security and c) Cyber Risk & Compliance based on company needs and industry best practices towards achieving a safe, secure and productive working environment for the organization.

Job Description

  • Responsible for managing, reviewing, and monitoring the day-to-day security controls and configuration through several security monitoring tools.
  • Responsible for the implementation and maintenance of security applications, tools, and systems. (Email Security, CASB, Vulnerability Scanning, Firewall Security Rules, Cloud IAM, etc.).
  • Provides technical guidance to the infrastructure, application team and other relevant stakeholders to enforce cloud security controls.
  • Work with the digital engineering and infrastructure team to implement best practices in detection, incident response, infrastructure protection, data protection, identity and access management.
  • Assess digital infrastructure changes, access requests or provision of resources for any security or compliance issues
  • Participates in activities and strategic initiatives related to information security, product releases and other compliance-related processes and programs.
  • Demonstrate in-depth knowledge from Layer 4 and above to secure cloud, web, digital and mobile applications further up the stack
  • Responsible for creating reference architecture documentation for the cloud security environment
  • Identification of defects and vulnerabilities in new and existing software products using static code analysis, dynamic code analysis and scanning for vulnerabilities.
  • Development of recommendations for system developers for addressing the security flaws identified.

Job Requirements

  • 5 – 7 years experience in cyber security field with exposures across different functions in cyber security (technical and non-technical)
  • Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) or related certifications is a plus.
  • Experience in enterprise-level security management processes, familiar with the relevant security standards and frameworks
  • Hands-on experience with cloud technologies like AWS, GCP, Azure, and software development on the latest technology stacks eg Javascript, Python, etc.
  • Possesses good command of English language (written and spoken) and good interpersonal and communication skills

Education/Certifications

  • Bachelor's degree in Computer Science, Information Security or related field.